ArcSight Supports a Wide Range of Security Relevant Products

Transcription

1 ArcSight Supports a Wide Range of Security Relevant Products ArcSight s data collection capabilities are the most versatile in the industry and run the gamut from a centralized collection point on the ArcSight Manager ( agentless aggregation) to deployment at various devices and concentrators throughout the network using patented SmartAgent technology. SmartAgents are specifically developed to interoperate with network and security products using multiple techniques; including simple log forwarding and parsing, direct installation on native devices, concentrators, as well as - if preferred SNMP or syslog. Currently supported products are listed below. ArcSight has an aggressive roadmap to support new security and network products based on customer and partner requests. ArcSight's agent development team has a proven track record of meeting customer requests in a matter of weeks and sometimes even days. If this list does not meet your requirements, please inform the ArcSight team of other products for which you need support. Access and Identity Management Netegrity SiteMinder v4.6 Oblix NetPoint v5.2 Vormetric CoreGuard - v1.0 Anti Virus McAfee epolicy Orchestrator v2.5.1 Content Delivery NetApp NetCache Series 5.2 Data Security & Integrity Vormetric CoreGuard - v1.0 Tripwire Manager 3.0 Tripwire for Server v2.3, 2.4, 3.0 Tripwire Open Source v2.3.x Enterprise System Integration HP OpenView Operations Remedy ARS v 5.0 and above Tivoli Enterprise Management Firewall Check Point Firewall-1 v4.1, NG (Next Generation) Cisco Pix v5.x and above Cyberguard Firewall Appliances Gauntlet Firewall v6.0 Iptables Linux Kernel 2.4 and above Lucent Brick and LSMS v5.1 Netgear Prosafe Wireless VPN Firewall

2 NetScreen Firewall Appliances ScreenOS 3.0, 3.1, 4.0 Ni BlackICE Guard (desktop firewall / intrusion protection) OpenBSD Packet Filter Sidewinder Firewall v5.2 Symantec Enterprise Firewall v6.5, 7.0 (fka Raptor) Honeypot HoneyD IDS Host-based Enterasys Dragon Squire v5.0 ISS RealSecure Server Sensor v5.5, 6.0, 7.0 Nagios.org v1.0 NFR HID v1.0 SamHain labs HID v Symantec Host IDS (fka ITA) - v3.6 Tripwire Manager 3.0 Tripwire for Server v2.3, 2.4, 3.0 IDS Network-based Cisco Secure IDS 4210 Sensor v2.x, 3.0, 4.x Enterasys Dragon Sensor v 5.0 Intrusion SecureNet Pro v4.0 Intrusion SecureNet Appliances Series 2000, 5000 & 7000 Intrusion SecureNet Gig, PDS 2000, PDS 5000 ISS RealSecure Network Sensor v5.5, 6.0, 7.0 NFR NID Ni BlackICE Sentry & Sentry Gigabit Snort v1.7, Sourcefire Network Sensor v2.0, 2.1 Symantec ManHunt v2.1

3 Intrusion Prevention Cisco CSA (fka Okena) - v3.2, 4.0 McAfee Entercept - v2.0, 2.01, 2.5, 4.0 NetScreen IDP McAfee IntruShield (fka Intruvert) v1.2, 1.5 TopLayer AttackMitigator IPS TrustCorps TruShield v1.2 Log Consolidator Aelita InTrust (fka Event Admin) v6.0 Kiwi Enterprises v 7.0 Somarsoft DumpEvt for NT Logs v1.7.3 Management Consoles - Vendor Specific Enterasys Dragon Management Server v5.0 Intrusion SecureNet Provider v1.0, v2.1 Intrusion CMDS v3.5 ISS Site Protector v1.2, 2.0 ncircle IP 360 NetScreen Global Pro v4.0 NFR CMS - v2.0, v2.1 Sourcefire Management Console v2.0, 2.1 Operating System Logs All Unix & Linux syslogs Solaris & Linux login/logout log Windows NT/2000 Hosts Windows MACS Router Cisco Internet Router 2600 Series and above (w/ IOS 11.3,12.0 and above) Enterasys Router Switches Cisco Catalyst LAN Switch series, 3000 series, 2900XL, 3500XL, 5000, 6000 (w/ IOS 11.3,12.0 and above) Two-Factor Authentication RSA SecurID / RSA ACE Server Secure Computing SafeWord PremierAccess

4 VPN Check Point VPN-1 v4.1, NG (Next Generation) Cisco VPN 3000 Concentrator Series Neoteris IVE Appliance Nortel VPN Vulnerability Management Foundstone FoundScan - v2.6, 3.x Harris STAT scanner v5.1 ISS Internet Scanner v6.21, 7.0 ncircle IP 360 Device Profiler Nessus v1.1.0 and above QualysGuard Symantec ESM v5.5 Web Server Apache v1.3.0 and above Microsoft IIS

5 Supported Platforms Security Risk Management for the Enterprise Platforms and Databases Computing platforms that are currently supported are listed below. ArcSight regularly ports to additional platforms upon customer request. If you do not see your required platform, please inform the ArcSight team of other hosts, workstations, and databases you would like to see supported. You will find that ArcSight is easily implemented on common enterprise-class platforms. The application was specifically designed to be portable across multiple operating systems and databases as well as to be scalable from small, workgroup class servers to the largest enterprise class platforms. Platforms and Databases OS supported by ArcSight Manager AIX 5.1 Linux Redhat v 7.3, 8.0, (7.1 is phased out) Solaris 7,8 & 9 Windows NT/2000 OS supported by ArcSight Console Windows NT, 2000, XP Linux Redhat v7.3, 8.0 MacOS X Supported Databases DB2 8.1 Oracle 8i, 9i